package com.xpc.shiro.realm;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.xpc.pojo.Role;
import com.xpc.pojo.User;
import com.xpc.pojo.qin.NormalLogin;
import com.xpc.service.IRoleService;
import com.xpc.service.IUserService;
import com.xpc.service.NormalLoginService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.ObjectUtils;

/**
 * @author Qinkuer
 * @version 1.0.0
 * @ProjectName UniversityGradeAdministrationSystem
 * @ClassName AccountUserRealm.java
 * @Description TODO 要使用该域需要先设置好如何获取用户角色,权限,加密后的密码,盐
 * @createTime 2022年05月21日 10:48:00
 */
public class AccountUserRealm extends AuthorizingRealm {

    @Autowired
    private NormalLoginService normalLoginService;

    @Autowired
    private IRoleService iRoleService;
    @Autowired
    private IUserService iUserService;


    /**
     * @param principalCollection 可以认为是账号信息. 这个不需要你理解是什么,你又不会调用它.是shiro调用它.
     * @return org.apache.shiro.authz.AuthorizationInfo
     * @description 授权 : 根据用户角色,赋予实例对应的角色和权限
     * @author Qinkuer
     * @Date 2022/5/21
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        String accountId = (String) principalCollection.getPrimaryPrincipal();
        NormalLogin normalLogin = normalLoginService.getUser(accountId);
        User user = iUserService.getById(normalLogin.getUserId());
        Role one = iRoleService.getById(user.getPositionState());
        if(one==null)
            return null;
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.addRole(one.getRoleName());
        return simpleAuthorizationInfo;
    }

    /**
     * @param authenticationToken 认证用的Token.由账号和密码生成
     * @return org.apache.shiro.authc.AuthenticationInfo
     * @description 认证: 根据传入的Token获取账号和密码,再与数据库中的进行匹配.
     * @author Qinkuer
     * @Date 2022/5/21
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
//        账号
        String accountId = (String) authenticationToken.getPrincipal();
        NormalLogin user = normalLoginService.getUser(accountId);
        if (!ObjectUtils.isEmpty(user)) {
//        TODO  注意这里的ByteSource.Util.bytes(user.getSalt())  说不定有大病
            SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(user.getAccountId(), user.getPassword(), ByteSource.Util.bytes(user.getSalt()), this.getName());
            return simpleAuthenticationInfo;
        }

        return null;
    }
}
